An Open Internet: A Tale Of Two Approaches

The Obama administration takes a hard line, while the Aspen Institute sticks with softer platitudes, as some governments try to restrict Internet freedoms.

When it comes to assailing governments that oppress their citizens and choke their economies by controlling and manipulating the free flow of information, there's the hard approach and there's the soft approach.

The Obama administration on Monday took a hard line, authorizing sanctions against countries and U.S. companies that help the governments of Syria and Iran acquire and use IT to track down dissidents or cut off their Internet access. The executive order effectively blocks, without notice, the assets of any entity that sells technology to Syria and Iran, or helps those governments deploy technology, that disrupts, monitors, and tracks their citizens' communications.

The U.S. Treasury Department will block funds and take other measures necessary to enforce the executive order, which is being carried out in the name of bolstering U.S. national security (tenuous link) and stopping Syria and Iran from "facilitating or committing serious human rights abuses" (much more to the point).

Critics immediately warned that the executive order's imprecise language could lead to unintended consequences--for instance, well-intentioned tech companies getting sanctioned because their products fall into the wrong hands for malevolent purposes. And privacy advocates complained about hypocrisy from a U.S. government that tracks its own citizens for reasons of anti-terrorism. But at least Obama's executive order doesn't beat around the bush.

Then there's the soft approach, which the Aspen Institute takes with a new initiative called IDEA (International Digital Economy Accords). It's aimed at ensuring that citizens and consumers across borders "have a trusted, robust, and reliable Internet, where access is easy and where the rights of privacy, property, and security are respected"--all amid "the risk of political and technological disruption."

No one can argue with such an endeavor, but it's so broad and squishy and consensus-laden that it's almost pointless. The IDEA project, which "proceeded by means of four plenary sessions, multiple working groups, and a series of working papers and documents," released a 137-page report on Tuesday that's a textbook of think tank gobbledygook. It's filled with self-evident bromides ("at current growth rates everyone with Internet access will join the Internet community within a decade") and policy platitudes ("establish a fair, effective, and empowering system for governing the flow and use of data in a single global digital economy").

The IDEA project has enlisted government bureaucrats, lawyers, academics, consultants, and executives from around the world to "develop a consensus view about the beliefs and values of the Internet" and "construct a means of implementing that view." But the report--at least this first one, as there are more to come from the IDEA participants--is short on implementation details.

The report's authors, alluding to "hard cases" (Syria and Iran are obvious examples), concede that IDEA won't succeed unless it can "resolve real cases of deviation from generally accepted principles and problematic cases of enforcement of said principles." In other words, unless the IDEA folks can get oppressive and totalitarian governments to come around to their way of thinking on Internet freedom and openness, their pronouncements are just a theoretical exercise. I didn't see any representatives of Syria or Iran (or North Korea or Cuba or China) on IDEA's committees of the good and great, and I don't think those countries are much interested in engaging in this "empowering" and "multistakeholder" dialog.

Most of us agree that an open Internet--one free of parochial regulations, pernicious government manipulation and control, commercial abuse, and criminal activity--is the ideal. But we must focus on the means of achieving those goals, not just the ends.

Hacktivist and cybercriminal threats concern IT teams most, our first Federal Government Cybersecurity Survey reveals. Here's how they're fighting back. Also in the new, all-digital Top Federal IT Threats issue of InformqtionWeek Government: Why federal efforts to cut IT costs don't go far enough, and how the State Department is enhancing security. (Free registration required.)

So Obama took the old "blockade" approach (shades of Berlin or Cuba) which will probably end the same way, ineffective. The Aspen Institute took a more liberal approach - let's call it the flowers and organic approach of the 60's combined with a good dose of I'm ok, you're ok or win-win vision of utopia. A look at the EU 12 year's later should answer the question about attainability of such an enlarged concensus (although I can think of no better way to employ so many minds). If it is applied to Syria or Iran, why not China, do they not control internal media (not to mention how the US capital punishment is viewed)? Always back to that fluid concept called national interest.

With nothing really new then, my vote is for the old fashioned approach, a mix of humint and communications control (interception, site obscuration, SIGINT, etc.) to block what would be labelled the oppressor and favor the oppressed. However, going back briefly on the first sentence of the article, we should remember that a major industrial european nation until recently had as the Prime Minister (by that influence of the state press) an individual that owned or controlled a vast majority of the free press resources. Do we believe they had "free flow of information?"

Sanctions against malefactors are critical and they are happening particularly in Iran. In fact China has just aligned itself with the Iran oil embargo-for the moment at least while this move serves its own interests. But sanctions only work if a large pool of nations act in concert. That sounds like another good IDEA.

I don't think that what Obama has done is THE answer. I'm betting he doesn't either. For sure it'll "fail" if the results you are measuring are that China no longer arrests dissidents for blogging, etc., etc. That will not happen.

Metaphorically this is a blockade I suppose. Use that metaphor with caution though. There are no military expenditures. No lives on our side or others' are put in jeopardy. We can safely assume this risk; hopefully we'll be flexible enough to do a u-turn if it's counterproductive.

Whatever the measured success, I would sugest that posturing, taking a stand on the side of fairness, counts for something in the world. The internet has the potential to be the tool of 1984. We need to rally to the cause of preventing that.

Where I would quibble is that I want Obama to take the same stance against misuse of internet snooping in the U.S. The specter of Son of 9/11 was misused to stoke nationwide fear and gain support for measures that are contrary to the values of freedom that we claim to represent in the world. Re-calibrating some of these regulations would give a moral heft to our position that is lacking now. I've not seen Obama show leadership on that front. Still waiting.

I agree that taking a stand on the side of fairness and liberty counts for something, even if the specific effects on a specific country are not ideal. Having a firm policy view allows one to use other levers of soft power, including tariffs and other economic means. This sort of stand is also important in the realm of technological development -- what sorts of features / back doors / specifications which we require for our domestic development will set a pattern for best practices in the rest of the world. Of course there will be people who develop mal-ware or oppression-ware, but if the USA and EU set standards for the software they will buy, that will influence the market.

The US government disrupts, monitors, and tracks the communications of way more people than just its citizens. I am convinced that writing this comment will get sifted through by government entities and filed as another hit on my record. Although I do not disagree with the government's stand on Iran and Syria, making such decisions are nothing more than hypocrisy.

To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.

Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.